﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
namespace BetterWebBooking.CodeFolder
{
    public class DBHelper
    {
        //Validate the user from DB
        public static bool CheckUser(string username, string password)
        {
            DataTable result = null;
            try
            {
                using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["mssqlUnoEuro"].ConnectionString))
                {
                    using (SqlCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandType = CommandType.Text;
                        cmd.CommandText = "select cPassword from Customer where cUserName = @uname";
                        cmd.Parameters.Add(new SqlParameter("@uname", username));

                        using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                        {
                            result = new DataTable();
                            da.Fill(result);
                        }

                        if (password.Trim() == result.Rows[0]["cPassword"].ToString().Trim())
                        {
                            //user id found and password is matched too so lets do soemthing now
                            return true;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                //Pokemon exception handling
            }

            //user id not found, lets treat him as a guest        
            return false;
        }

       

        //Create the user in DB
        public static void CreateUser(string username, string name, string address, string zip, string email, string password)
        {
            DataTable result = null;
            try
            {
                using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["mssqlUnoEuro"].ConnectionString))
                {
                    using (SqlCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandType = CommandType.Text;
                        cmd.CommandText = @"insert into customer values ('" + username + "','" + name + "','" + address + "','" + zip + "','" + email + "','" + password + "')";
                        //cmd.Parameters.Add(new SqlParameter("@uname", username));
                        //cmd.Parameters.Add(new SqlParameter("@name", name));
                        //cmd.Parameters.Add(new SqlParameter("@address", address));
                        //cmd.Parameters.Add(new SqlParameter("@zip", zip));
                        //cmd.Parameters.Add(new SqlParameter("@email", email));
                        //cmd.Parameters.Add(new SqlParameter("@pass", password));


                        using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                        {
                            result = new DataTable();
                            da.Fill(result);
                        }

                     
                    }
                }
            }
            catch (Exception ex)
            {
                //Pokemon exception handling
            }
        }
       
    }
}